Internet Protocol

IP is mainly responsible for addressing the packets that travel across the internet, specifying where they come from (Source) and where they are going (Destination). For this reason, hackers and forensic investigators can get important information from IP packet headers.

IP Packet Header Diagram
Fig: IP Packet Header

The image is from educba.com. In the diagram, you'll see rows marked with numbers like 0, 4, 8, 12, 16, and 20. Let's study them row by row.

In the top row, we find **Version**, **IHL**, **DSCP**, **ECN**, and **Total Length**. The **Version** field specifies the IP version used, whether it's IPv4 or IPv6. **IHL** stands for Internet Header Length. **DSCP** is short for Differentiated Services Code Point and is also known as ToS (Type of Service). It describes features related to the quality of service being used. **ECN** stands for Explicit Congestion Notification and is used to improve network performance and prevent packet loss during congestion. It's an optional feature, so some explanations leave it out. **Total Length** indicates the size of the entire packet, including the data. Its maximum value is 65535 bytes, which is also the largest value a 16-bit field can hold.

The second row includes **Identification**, **IP Flags**, and **Fragment Offset**. **Identification** is used to identify packets. When a packet exceeds the Maximum Transmission Unit (MTU), it has to be broken into smaller pieces. This process is called Fragmentation. These smaller fragments are then transmitted and carried to their destination. Once they arrive, these fragments must be reassembled to form the original packet. The **Fragment Offset** is used to keep a record of this process.

The third row of the IP header contains **TTL**, **Protocol**, and **Header Checksum**. **TTL** stands for Time to Live and varies depending on the sender's operating system. The **Protocol** field is straightforward; it identifies which protocol is in use. The field is 8 bits long, allowing for 256 possible protocols. For example, TCP is 6, UDP is 17, ICMP is 1, and IPv6 encapsulation is 41. The **Header Checksum** is for data integrity, to check for errors and other issues.

As for the **Source Address** and **Destination Address** fields, they likely don't need much explanation. They record the IP addresses of where the packet came from and where it's going. An IPv4 Address is 32 bits, so it occupies an entire row in the packet header.

When talking about protocols, we cannot leave out TCP. So that we don't skip over important information, we also need to study TCP.
